AndroRAT: a dangerous malware

AndroRAT is dangerous malware that fortunately will not affect us if our phone is up to date. On Android, we have faced many types of malware, from those that take the opportunity to mine cryptocurrencies to those that steal bank details. All are hidden in applications of questionable quality that Google strives to remove from Google Play. However, much of the work of preventing this malware lies in improving the security of the system itself, in order to limit the scope and danger of the attacks.

Along these lines, Google recently announced that it has paid 2.9 million dollars to solve these vulnerabilities. These are figures from 2017, but it is a practice that has been carried out for more than eight years. Over 1,200 security flaws were discovered by 274 researchers.

Today it’s time to talk about AndroRAT (Android Remote Access Tool), a vulnerability discovered in 2012 by Robin David, currently a security engineer, in his university project. It was a vulnerability that allowed remote access and control of the mobile. It was intended as an open-source tool but caught the attention of malicious minds who saw this as a serious security flaw.

After we contacted Robin David, he sent us the following thoughts: “I believe that the authors have used AndroRAT to build an application that exploits the vulnerabilities and sneakily installs itself on the device. The original app lacked these problematic mechanisms. Additionally, the original AndroRAT worked entirely on non-rooted devices, while this malware can root the mobile, necessary I think to get WiFi passwords. I think the main use of this reuse of AndroRAT is to collect GPS data, texts, and network protocols. As users, the only thing that I can recommend is not to install apps outside of Google Play and follow good practices.”

A dangerous vulnerability already fixed

Now Trend Micro reports that it has discovered a new variant of that application that can be used as malware. It is a more advanced and even more dangerous version, with the ability to obtain all kinds of permissions and carry out actions that seriously compromise our device.

Before worrying any further, we must warn you that Google already fixed the CVE-2015-1805 vulnerability in March 2016. It had been fixed in the Linux kernel quite a bit earlier, but it wasn’t until early 2016 that the issue was confirmed on Android. At that time, the monthly security patch was applied and since then it is not an issue that should concern us.

As with everything on Android, it depends on the age of the phone. Anyone with Android 7.0 Nougat or later need not worry about AndroRAT. In fact, the security patch arrived before Nougat, so many devices running Android 6.0 Marshmallow will also have applied the corresponding patch.

What about the millions of Android phones that have not been updated? Basically, they are vulnerable to malware such as those that take advantage of AndroRAT. This is a problem, since attackers, in addition to continuing to look for new vulnerabilities, also improve old malware even though it does not give them access to new phones.
